10.3 TLS Authentication Methods

In GnuTLS authentication methods can be implemented quite
easily. Since the required changes to add a new authentication method
affect only the handshake protocol, a simple interface is used. An
authentication method needs to implement the functions shown below.

Those functions are responsible for the
interpretation of the handshake protocol messages. It is common for such
functions to read data from one or more credentials_t
structures24 and write data,
such as certificates, usernames etc. to auth_info_t structures.

Simple examples of existing authentication methods can be seen in
auth/psk.c for PSK ciphersuites and auth/srp.c for SRP
ciphersuites. After implementing these functions the structure holding
its pointers has to be registered in gnutls_algorithms.c in the
_gnutls_kx_algorithms structure.